Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/f2e5e11c-f4e0-4f91-8ed1-a6cba6c5e288.roa
File:                     f2e5e11c-f4e0-4f91-8ed1-a6cba6c5e288.roa (raw, json)
Hash identifier:          pSs5EMX1dRCdzKQ/LBXLfCop8DrTbdpmlHgwmGJhuYY=
Subject key identifier:   79:BA:33:5A:22:DF:FA:B3:49:A1:9F:2A:18:E9:02:2C:D8:43:77:52
Certificate issuer:       /CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
Certificate serial:       66E91CB6FFA759A89DCA650DD523316F2685E2A9
Authority key identifier: 99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/f2e5e11c-f4e0-4f91-8ed1-a6cba6c5e288.roa
Signing time:             Fri 26 Sep 2025 00:50:06 +0000
ROA not before:           Fri 26 Sep 2025 00:50:06 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        96.127.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:e9:1c:b6:ff:a7:59:a8:9d:ca:65:0d:d5:23:31:6f:26:85:e2:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
        Validity
            Not Before: Sep 26 00:50:06 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=92c6c7238b84075b32045a93b38ca7e83d94a0b6379d27aa0c02da5316c42d0c, CN=0099a7ea-794a-4a28-b164-49547626eb11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:4d:c1:e5:44:a7:db:3e:f7:d8:a3:44:a5:7b:
                    d9:97:bb:69:81:85:19:c5:80:79:d3:05:d0:11:3c:
                    92:ff:c1:83:a5:a3:c0:6b:a1:95:c0:b5:a8:da:bf:
                    96:ce:2f:0d:05:d3:64:0e:bb:f8:39:7d:a8:ba:fd:
                    50:0f:a0:39:a1:e1:79:8e:cc:f4:a1:5a:cc:8b:2a:
                    43:9a:1b:92:33:78:2e:2b:2d:77:e9:3f:ae:1e:4c:
                    d2:f3:d5:7e:f2:b9:38:24:96:01:64:36:1e:8b:53:
                    10:01:82:8b:ae:be:ce:76:f5:6a:65:37:43:1f:78:
                    8d:4c:f0:ca:f3:f4:ab:42:6e:de:86:36:21:a7:e9:
                    59:cf:bf:8a:24:a0:58:9e:b4:70:d1:8b:d9:67:90:
                    52:34:d2:a0:08:98:46:9e:87:1e:49:cb:67:dd:e9:
                    dc:ea:24:56:1b:5b:be:35:11:0f:45:53:08:ff:49:
                    27:ff:bb:17:e4:3b:8a:64:88:a7:9b:6a:24:7b:97:
                    d6:8a:08:4b:0c:5d:2d:4f:85:52:cc:0a:b4:a9:4a:
                    2c:84:55:df:0a:a0:4e:e7:f0:c4:ca:e6:57:91:37:
                    7b:7d:b9:04:8a:15:59:a7:80:aa:7b:9e:cb:fa:72:
                    79:b3:d5:85:74:db:3d:72:f8:9b:fa:1f:62:6b:f9:
                    52:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:BA:33:5A:22:DF:FA:B3:49:A1:9F:2A:18:E9:02:2C:D8:43:77:52
            X509v3 Authority Key Identifier:
                keyid:99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/f2e5e11c-f4e0-4f91-8ed1-a6cba6c5e288.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.127.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         4e:95:7b:3f:c8:0c:d9:7a:69:0f:54:3a:3e:21:70:7b:a5:5e:
         18:76:f6:a2:ea:9f:3e:10:50:78:e5:8c:e9:6c:3e:e5:f8:35:
         10:f8:a4:1c:66:a5:99:11:91:52:e2:84:28:5a:48:ad:61:b7:
         16:b3:90:f9:6a:f4:3b:90:c4:87:64:c7:c2:5a:0f:08:31:8f:
         73:fb:7b:ae:e1:2c:54:1e:6f:5a:5e:95:0e:75:19:e0:fc:ce:
         34:95:00:14:97:55:0f:58:cc:dc:af:95:37:44:0a:e0:c6:7a:
         bf:b9:49:84:b0:29:3a:63:d0:89:27:32:95:f2:51:de:b1:c1:
         eb:4c:2b:10:01:3e:88:38:02:a3:4f:b3:86:d5:11:5d:e6:8e:
         bd:ec:55:dd:bb:f9:12:5f:76:9f:06:aa:d7:a4:dd:e8:f9:74:
         8d:d0:51:f1:63:05:b9:e6:ff:8d:2d:08:37:72:9a:e0:67:f2:
         cf:89:68:b6:31:96:8e:a9:28:b0:49:7b:95:b9:77:e6:3b:c0:
         c5:14:aa:4e:af:e6:5d:2e:f6:3f:9c:f8:8b:ad:7a:cc:5b:cc:
         cd:4f:35:9a:de:7d:ab:65:a3:3e:a2:c7:a3:3c:0b:ef:3c:7f:
         4e:da:a4:05:57:6f:42:0b:07:27:07:ee:ec:24:5d:64:02:b7:
         f5:24:bf:6c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZukctv+nWaidymUN1SMxbyaF4qkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzA1Njc2YzczM2ZkOGNjYWU1YmU2M2I5MmJkZGM5MGI3
YTViNzRlNjk0NDljMWViMDQwHhcNMjUwOTI2MDA1MDA2WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MmM2YzcyMzhiODQwNzViMzIwNDVhOTNiMzhjYTdlODNk
OTRhMGI2Mzc5ZDI3YWEwYzAyZGE1MzE2YzQyZDBjMS0wKwYDVQQDEyQwMDk5YTdl
YS03OTRhLTRhMjgtYjE2NC00OTU0NzYyNmViMTEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtTcHlRKfbPvfYo0Sle9mXu2mBhRnFgHnTBdARPJL/wYOl
o8BroZXAtajav5bOLw0F02QOu/g5fai6/VAPoDmh4XmOzPShWsyLKkOaG5IzeC4r
LXfpP64eTNLz1X7yuTgklgFkNh6LUxABgouuvs529WplN0MfeI1M8Mrz9KtCbt6G
NiGn6VnPv4okoFietHDRi9lnkFI00qAImEaehx5Jy2fd6dzqJFYbW741EQ9FUwj/
SSf/uxfkO4pkiKebaiR7l9aKCEsMXS1PhVLMCrSpSiyEVd8KoE7n8MTK5leRN3t9
uQSKFVmngKp7nsv6cnmz1YV02z1y+Jv6H2Jr+VKdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUebozWiLf+rNJoZ8qGOkCLNhDd1IwHwYDVR0jBBgwFoAUmcNUTAjJlFS4
eZUe/6R6j2PIp3cwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83N2I1NjQyOC05
YjUyLTQxNmYtYjI3OS1iYmFlMTQ0MjJkZTIvYzA1Njc2YzczM2ZkOGNjYWU1YmU2
M2I5MmJkZGM5MGI3YTViNzRlNjk0NDljMWViMDQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNDI1ODJjNjctZGQzZi00YmM1LWJhNjAtZTk3
ZTU1MmM2ZTM1L2YyZTVlMTFjLWY0ZTAtNGY5MS04ZWQxLWE2Y2JhNmM1ZTI4OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzQyNTgyYzY3LWRkM2YtNGJjNS1iYTYw
LWU5N2U1NTJjNmUzNS9fWXpLNWI1anVTdmR5UXQ2VzNUbWxFbkI2d1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAdgfwAwDQYJKoZIhvcNAQELBQADggEBAE6Vez/IDNl6aQ9UOj4hcHulXhh2
9qLqnz4QUHjljOlsPuX4NRD4pBxmpZkRkVLihChaSK1htxazkPlq9DuQxIdkx8Ja
Dwgxj3P7e67hLFQeb1pelQ51GeD8zjSVABSXVQ9YzNyvlTdECuDGer+5SYSwKTpj
0IknMpXyUd6xwetMKxABPog4AqNPs4bVEV3mjr3sVd27+RJfdp8Gqtek3ej5dI3Q
UfFjBbnm/40tCDdymuBn8s+JaLYxlo6pKLBJe5W5d+Y7wMUUqk6v5l0u9j+c+Iut
esxbzM1PNZrefatloz6ix6M8C+88f07apAVXb0ILBycH7uwkXWQCt/Ukv2w=
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:58:41 2025 by rpki-client